Ask yourself why a European privacy regulator can propagate the preposterous view publicly that the US has "no effective privacy laws." And lots of people seem to believe that. And why does it matter?
On the global stage, Europe is convincing many countries around the world to implement privacy laws that follow the European model. The facts speak for themselves: in the last year alone, a dozen countries in Latin America and Asia have adopted euro-style privacy laws. Not a single country, anywhere, has followed the US-model.
Indeed, what is the US model? People in the privacy profession know that the US has a dense "patchwork" model of privacy laws: every individual US State has numerous privacy laws, the Federal government has numerous sectoral laws, and numerous other "non-privacy" laws, like consumer protection laws, are regularly invoked in privacy matters. Regulators in many corners of government, ranging from State attorneys general, to the Federal Trade Commission, and armies of class action lawyers inspect every privacy issue for possible actions.
How on earth do you explain US privacy laws to an international audience? How do you explain the role of class action litigation to people in countries where it doesn't even exist? The US privacy law narrative is convoluted. That's a pity, since almost all of the global privacy professionals with whom I've discussed this issue agree with me that the sum of all the individual parts of US privacy laws amounts to a robust legal framework to protect privacy. (I didn't say "perfect", since laws never are, and I'm not grading them either.)
By contrast, Europe's privacy narrative is simple and appealing. Its laws are very general, aspirational, horizontal and concise. Critics could say they're also inevitably vague, as any high-level law would have to be. But, like the US Bill of Rights, they have a sort of simple and profound universality that has inspired people around the world. And they are enforced (at least, on paper) by a single, identifiable, specialist regulator.
Europe does a great job explaining (or marketing, if you prefer). The US has to figure out how to explain its privacy laws on the global stage. There's more at stake than just prestige. There's more at stake than just asking why Uruguay, to take a random recent example, looked to Spain, rather than the US, for inspiration as it wrote its recent privacy laws. What is at stake are important things: first, trust in US-based companies and trust in the US Government around the world. People will trust them less if they believe the story-line that they operate in a country with "no effective privacy laws". And second, hopes to include digital trade in President Obama's initiative for a grand new US-Europe Trade Pact. The lack of "adequate" US privacy laws is cited by Europeans as a reason why it is illegal to transfer personal data from Europe to the US, which is quite obviously, at least in part, a free trade issue. Privacy will prove a serious roadblock to any such future trade pact, as long as some people in Europe can argue that the US has no effective privacy laws.
Privacy is not alone among complicated subjects in need of a simple narrative. Visit a cathedral, if you need inspiration.